Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
FTC Pushes Back 'Red Flag' Deadline
Companies have another six months to develop identity theft prevention programs
Tech Insight: Digital Forensics & Incident Response Go Live
New tools, methods emerge for leveraging forensic data and memory analysis in the wake of an attack
Microsoft Blue Hat: Researcher Demos No-Hack Attack
Wealth of available online data on individuals, businesses can be used in targeted attacks
Making ID & Access Management More Accessible
New tools automate, simplify the access certification process
When Dates Attack
Dating 'alert' sites allow women to put an 'ex' on trial without rebuttal
SSL VPN Secures iPhone, Extranet Sessions
Silicon Valley startup gets more mileage out of its VPN
Inspector General Report: Two IRS Applications Leave Taxpayer Data at Risk
IRS knowingly rolled out systems that contained security vulnerabilities
Users Know Security Policy & Break It Anyway, Study Says
Many users feel they need to work around company security rules, according to RSA research
Stolen eBay Account Booty Found
Over 5,000 pilfered accounts - mostly from newly registered, less active eBay user accounts
World Bank Hacked, Sensitive Data Exposed
Hacked Web servers, a stolen administrative account, and lot of unanswered questions
The Six Most Promising Security Startups of 2008
Judges unveil six finalists in the annual Global Security Challenge
Free Tool Hacks Banking, Webmail, and Social Networking Sessions
Man-in-the-middle attack tool automates hacks for non-Web security experts
Deutsche Telekom & T-Mobile Confirm Theft of Personal Data on 17M Customers
Data stolen in 2006 is already in use by criminals, reports say
'Super Users' Could Threaten Database Security, Study Says
Survey by Independent Oracle Users Group says most database administrators haven't implemented proper defenses
IBM Takes On Retail Crime
New package of integrated products and services offered as alternative to current mishmash of in-store security technology
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
